/// <summary>
/// 移动Ldap
/// </summary>
/// <param name="ldapPath">必须是带用户的Ldap路径 如:LDAP://10.45.9.11/cn=Yong Luo,ou=110_Marketing,ou=pphbh.com,dc=ops,dc=net</param>
/// <param name="toLdapPath">必须OU路径:如:LDAP://10.45.9.11/ou=110_Marketing,ou=离职员工,dc=ops,dc=net</param>
/// <param name="newName">新的OU名称</param>
/// <param name="config">配置文件</param>
/// <returns></returns>
public bool MoveTo(string ldapPath, string toLdapPath, string newName, AdAdminConfig config)
{
try
{
var eLocation = new DirectoryEntry(ldapPath, config.AdminAccount, config.AdminPwd);
if (CreateOu(toLdapPath, config))
{
var nLocation = new DirectoryEntry(toLdapPath, config.AdminAccount, config.AdminPwd);
nLocation.AuthenticationType = AuthenticationTypes.Secure;
if (string.IsNullOrEmpty(newName))
{
newName = eLocation.Name;
}
eLocation.MoveTo(nLocation, newName);
nLocation.Close();
return(true);
}
eLocation.Close();
return(false);
}
catch (Exception ex)
{
return(false);
}
}
/// <summary>
/// 在已知ou下面创建下级ou
/// </summary>
/// <param name="ouParentPath">LDAP://10.45.9.11/ou=离职员工,dc=ops,dc=net</param>
/// <param name="newOuName">增加ou信息(Name 必须赋值)</param>
/// <param name="config">管理员密码配置</param>
public bool CreateOuChilren(string ouParentPath, string newOuName, AdAdminConfig config)
{
try
{
DirectoryEntry deBase = new DirectoryEntry(ouParentPath, config.AdminAccount, config.AdminPwd);
DirectorySearcher ouSrc = new DirectorySearcher(deBase);
//ouSrc.PropertiesToLoad.Add("ou");
ouSrc.Filter = $"(OU={newOuName})";
ouSrc.SearchScope = SearchScope.Subtree;
SearchResult srOu = ouSrc.FindOne();
if (srOu == null)
{
/* OU Creation
*/
DirectoryEntry anOu = deBase.Children.Add($"OU={newOuName}", "organizationalUnit");
anOu.CommitChanges();
anOu.Close();
deBase.Close();
return(true);
}
}
catch (Exception ex)
{
return(false);
}
return(false);
}
public static bool EmptyGroup(string groupname, AdAdminConfig config)
{
PrincipalContext ctx = new PrincipalContext(ContextType.Domain,
config.ServerIpOrDomain,
config.AdminAccount,
config.AdminPwd);
GroupPrincipal group = GroupPrincipal.FindByIdentity(ctx, groupname);
if (group != null)
{
foreach (Principal p in group.GetMembers())
{
UserPrincipal theUser = p as UserPrincipal;
if (theUser != null)
{
group.Members.Remove(theUser);
try
{
group.Save();
}
catch (Exception e)
{
Console.WriteLine(e);
}
}
}
return(true);
}
return(false);
}
public static bool AddUserToGroup(string samAccountName, string groupName, AdAdminConfig config)
{
if (IfUserExist(samAccountName, config))
{
if (!IfUserExistInGroup(samAccountName, groupName, config))
{
try
{
PrincipalContext ctx = new PrincipalContext(ContextType.Domain,
config.ServerIpOrDomain,
config.AdminAccount,
config.AdminPwd);
// find the group in question
GroupPrincipal group = GroupPrincipal.FindByIdentity(ctx, groupName);
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, samAccountName);
group.Members.Add(user);
group.Save();
group.Dispose();
user.Dispose();
ctx.Dispose();
}
catch (Exception ex)
{
return(false);
}
return(true);
}
return(false);
}
return(false);
}
/// <summary>
/// 重新OU最后一个名称
/// 如:path=LDAP://10.45.9.11/ou=hr,ou=离职员工,dc=ops,dc=net
/// 执行Rename(path,"RD",config)
/// 结果:LDAP://10.45.9.11/ou=RD,ou=离职员工,dc=ops,dc=net
/// </summary>
/// <param name="path">如:LDAP://10.45.9.11/ou=离职员工,dc=ops,dc=net </param>
/// <param name="newName">Ou名称</param>
/// <param name="config"></param>
public string Rename(string path, string newName, AdAdminConfig config)
{
var de = new DirectoryEntry(path, config.AdminAccount, config.AdminPwd);
de.Rename($"OU={newName}");
var result = de.Path;
de.Close();
return(result);
}
/// <summary>
/// 获取存在的ou在数组中的序号
/// </summary>
/// <param name="paths"></param>
/// <param name="config"></param>
/// <param name="notExistsIndex"></param>
private void GetExistsLevalIndex(List <string> paths, AdAdminConfig config, ref int notExistsIndex)
{
notExistsIndex = notExistsIndex - 1;
if (notExistsIndex < 0)
{
return;
}
var currentPath = paths[notExistsIndex];
if (!IsExistsOu(currentPath, config))
{
GetExistsLevalIndex(paths, config, ref notExistsIndex);
}
}
public static bool IfUserExistInGroup(string username, string groupname, AdAdminConfig config)
{
PrincipalContext ctx = new PrincipalContext(ContextType.Domain,
config.ServerIpOrDomain,
config.AdminAccount,
config.AdminPwd);
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, username);
GroupPrincipal group = GroupPrincipal.FindByIdentity(ctx, groupname);
if (group != null && (user != null && user.IsMemberOf(group)))
{
return(true);
}
return(false);
}
/// <summary>
///
/// </summary>
/// <param name="parentPath">全路径,必须LDAP开头</param>
/// <param name="ouName"></param>
/// <param name="config"></param>
/// <returns></returns>
public string CreateOuPath(string parentPath, string ouName, AdAdminConfig config = null)
{
if (string.IsNullOrEmpty(parentPath) && config == null)
{
throw new Exception("parentPath与config参数不能同时为空.");
}
if (string.IsNullOrEmpty(parentPath))
{
return($"LDAP://{config.ServerIpOrDomain}/ou={ouName},{config.DcContainer}");
}
string domain = GetLdapDomain(parentPath);
int index = parentPath.LastIndexOf('/') + 1;
string ou = parentPath.Substring(index);
return($"{domain}ou={ouName},{ou}");
}
public static bool IfGroupExist(string groupname, AdAdminConfig config)
{
PrincipalContext ctx = new PrincipalContext(ContextType.Domain,
config.ServerIpOrDomain,
config.AdminAccount,
config.AdminPwd);
GroupPrincipal grp = GroupPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, groupname);
if (grp != null)
{
grp.Dispose();
ctx.Dispose();
return(true);
}
ctx.Dispose();
return(false);
}
/// <summary>
/// 根据ou路径判断路径是否创建,递归创建OU tree
/// oupath=LDAP://10.45.9.11/ou=HR,ou=离职员工,ou=allusers,dc=ops,dc=net
/// 会创主机建出 ou=allusers,ou=离职员工,ou=hr
/// </summary>
/// <param name="ouPath">LDAP://10.45.9.11/ou=离职员工,dc=ops,dc=net</param>
/// <param name="config"></param>
/// <returns></returns>
public bool CreateOu(string ouPath, AdAdminConfig config)
{
try
{
var paths = GetOuLevels(ouPath);
int count = paths.Count;
if (count < 1)
{
return(false);
}
var notExistsIndex = count - 1;
var currentPath = paths[notExistsIndex];
if (!IsExistsOu(currentPath, config))
{
GetExistsLevalIndex(paths, config, ref notExistsIndex);
var parentOuPath = paths[notExistsIndex];
for (int i = notExistsIndex + 1; i < count; i++)
{
var itemPath = paths[i];
var ouName = GetLastOuName(itemPath);
var ouEntity = new OuEntity {
Name = ouName
};
var isSuccess = CreateOuChilren(parentOuPath, ouEntity, config);
if (!isSuccess)
{
return(false);
}
parentOuPath = itemPath;
}
}
return(true);
}
catch (Exception ex)
{
Console.Write(ex);
return(false);
}
}
public static bool CreateGroup(string path, string name, AdAdminConfig config)
{
if (!DirectoryEntry.Exists(path))
{
try
{
DirectoryEntry entry = new DirectoryEntry(path, config.AdminAccount, config.AdminPwd);
DirectoryEntry group = entry.Children.Add("CN=" + name, "group");
group.Properties["sAmAccountName"].Value = name;
group.CommitChanges();
return(true);
}
catch (Exception e)
{
return(false);
}
}
//EmptyGroup(name, config);
return(false);
}
public static bool IfUserExist(string username, AdAdminConfig config)
{
PrincipalContext ctx = new PrincipalContext(ContextType.Domain,
config.ServerIpOrDomain,
config.AdminAccount,
config.AdminPwd);
UserPrincipal usr = UserPrincipal.FindByIdentity(ctx,
IdentityType.SamAccountName,
username);
if (usr != null)
{
usr.Dispose();
ctx.Dispose();
return(true);
}
ctx.Dispose();
return(false);
}
/// <summary>
/// 是否存在OU
/// </summary>
/// <param name="path">LDAP://10.45.9.11/ou=离职员工,dc=ops,dc=net</param>
/// <param name="config"></param>
/// <returns></returns>
public bool IsExistsOu(string path, AdAdminConfig config)
{
DirectoryEntry directoryEntry = new DirectoryEntry(path);
directoryEntry.Username = config.AdminAccount;
directoryEntry.Password = config.AdminPwd;
bool exists = false;
// Validate with Guid
try
{
var tmp = directoryEntry.Guid;
exists = true;
}
catch (Exception ex)
{
exists = false;
}
directoryEntry.Close();
return(exists);
}
public static bool ChangeGroupScope(string s, GroupScope gp, AdAdminConfig config)
{
try
{
PrincipalContext ctx = new PrincipalContext(ContextType.Domain,
config.ServerIpOrDomain,
config.AdminAccount,
config.AdminPwd);
GroupPrincipal group = GroupPrincipal.FindByIdentity(ctx, s);
if (group != null)
{
group.GroupScope = gp;
group.Save();
}
return(true);
}
catch (Exception ex)
{
Console.Write(ex);
return(false);
}
}
public AdHelper(AdAdminConfig adAdminConfig, ExchangeAdminConfig exchangeAdminConfig)
{
AdAdminConfig = adAdminConfig;
ExchangeAdminConfig = exchangeAdminConfig;
_accountSvc = new AdMethodsAccountManagement(AdAdminConfig);
}